Firefox update policy: the enterprise is wrong, not Mozilla

Now that Mozilla has released Firefox 5, version 4, just three months old, is …

Three months ago, Mozilla released the long-awaited Firefox 4. Last week, the organization shipped the follow-up release: Firefox 5. Firefox 5 was the first version of the browser to be released using Mozilla's new Firefox product lifecycle, which would see a new version of the browser shipping every three months or so. The new policy has been publicized for some months, and so the release of Firefox 5 was not itself a big surprise. What has caught many off-guard is the support, or lack thereof. With the release of Firefox 5, Firefox 4—though just three months old—has been end-of-lifed. It won't receive any more updates, patches, or security fixes. Ever. And corporate customers are complaining.

The major problem is testing. Many corporations have in-house Web applications—both custom and third-party—that they access through their Web browsers, and before any new browser upgrade can be deployed to users, it must be tested to verify that it works correctly and doesn't cause any trouble with business-critical applications. With Mozilla's new policy, this kind of testing and validation is essentially impossible: version 5 may contain critical security fixes not found in version 4, and with version 4 end-of-lifed, the only way to deploy those fixes is to upgrade to version 5. That may not be an issue this time around, but it's all but inevitable that the problem will crop up eventually.

Testing overhead

That makes things awkward for the companies who need to validate browser releases. Rolling out security updates with minimal testing is, in theory, generally pretty safe, because security updates are narrow in scope, and because the risk of the alternative—running a known-exploitable browser—is worse than the risk of something breaking. With those security updates now inextricably linked to other, nonsecurity updates, some enterprise users are expressing the fear that their task is now impossible. The other updates included with the security fixes mean that each release is so large that it must be tested thoroughly, but the rapid release schedule means there's no time to do so.

This has some corporate users of the browser feeling very unhappy. Though the release itself came as little surprise, the consequences it would have for version 4 were not generally understood until it was too late. They didn't realize that they would no longer have access to security fixes for Firefox 4, and now have to test all over again for Firefox 5. And to make matters worse, future updates will probably come out even more frequently; a six week cycleis the goal.

These enterprise customers are plainly unhappy, and some commentators are suggesting that Mozilla is alienating its enterprise customers and in effect signing its own death warrant.

Flawed assumptions

But is this really the right response to take? We're not so sure that it is.

Let's be clear: the enterprise has never been Mozilla's number one priority. If it were, thispair of bugs wouldn't still be open more than half a decade after they were first filed. For enterprises, deployment and patch management using MSIs and configuration control using GPOs, are bread-and-butter stuff. They're a hallmark of enterprise readiness. Internet Explorer—surely the king of enterprise browsers—has this kind of support in spades. Chrome, too has some amount of enterprise support.

I'm sure both of those bugs will be fixed eventually. The work will get done. But enterprise users should take note: they're not the priority, and never have been. This should not be regarded as surprising.

But what of those organizations that use Firefox anyway? How are they going to cope now that they will have to do all this extra testing?

The answer to that is: the same way they always have done. The reality is that Firefox minor updates have never been restricted to pure security fixes. If organizations thought that they could get away with performing only minor testing of the 18 minor updates that Firefox 3.6 has received in just 15 months, they were mistaken. Firefox minor releases have long contained stability and compatibility updates. Sometimes there are even feature changes: 3.6.4 introduced a new system whereby plugins were run in a separate process, and 3.6.9 introduced support for new countermeasures against a certain type of security flaw.

These kinds of changes could absolutely cause compatibility issues with business sites and applications. For businesses that needed to perform extensive validation of the browser before deploying it, then both of these updates would require new validation. And in both cases there was no way of avoiding the new features; there were few "pure security" updates made to 3.6. The implication that the new policy somehow changes something about the nature of Firefox updates—and hence the testing burden—just isn't true.

Combining security fixes with broader compatibility and stability fixes or new features is not unique to Firefox, either; Google does the same for Chrome, and even the latest security update to Internet Explorer 9 includes a minor nonsecurity update that resolves a bug with downloading files. The isolated pure security fix just isn't a feature of the Web browser landscape.

Meaningless numbers

Some have said that the testing problem is a result of Mozilla's decision to bump the major version number—with the implication that their company's testing procedures are driven not by an assessment of what's actually changed but by a mere version number, as if the major version increasing meant that there must be major changes.

Mozilla could have chosen a better mechanism to distinguish between versions than a major version number bump—for example, if they had used a date-based numbering scheme then it's likely that this (flawed) inference would no longer be made. But it didn't, and the result is that an increase of the major version number doesn't necessarily imply major changes under the hood.

Mozilla certainly isn't the first to do this. The next version of the Linux kernel will be version 3.0, from the current 2.6.39.2, but this major version update doesn't denote major changes. It might just as well have been version 2.6.40, or 2.8, or something else entirely; it was simply the preference of Linus Torvalds that the major version should, after many years, be increased.

Nor is Mozilla the first major open source project to use a time-based release model instead of a feature-driven one. The Ubuntu Linux distribution has made twice-annual releases, with major version numbers that increment accordingly, since its inception. The user community understands this and responds accordingly.

The corporate response to this change in numbering policy should be trivial: base testing on what has changed rather than what the number is. Any other policy has never been consistent with the way the browser is actually updated. At worst, the new update policy is simply highlighting flaws in existing corporate practices.

346 Reader Comments

HiI'm the manager of the IT department of a BIG hospital in Spain. We are a high-tech hospital with full EMR and 90% of our circuits are paper free. And we are still using IE6, although we had been developing for IE8 and FF3.6. We are thinking to migrate from XP to 7 or linux, but to do so we have to test and adapt our apps with long term versions. It seems that firefox is not stable anymore, that leaves us with IE (and windows).

I do care about our apps, these are the ones getting work done, and if we have to stop developing new features, test, adapt/redevelop and pay other companies to upgrade (if possible) the custom made software we bought them... that will cost us ~30.000$. To get what? Fancy internet web pages? I do not care less about them. So... you want my users visit your web site, you will have to develop for my platform.I know we eventually have to update. Sure. But not every three months.If you complaint about PS3 games at 70$ each, try to buy a laboratory information system license ;-)

HiI'm the manager of the IT department of a BIG hospital in Spain. We are a high-tech hospital with full EMR and 90% of our circuits are paper free. And we are still using IE6, although we had been developing for IE8 and FF3.6. We are thinking to migrate from XP to 7 or linux, but to do so we have to test and adapt our apps with long term versions. It seems that firefox is not stable anymore, that leaves us with IE (and windows).

I do care about our apps, these are the ones getting work done, and if we have to stop developing new features, test, adapt/redevelop and pay other companies to upgrade (if possible) the custom made software we bought them... that will cost us ~30.000$. To get what? Fancy internet web pages? I do not care less about them. So... you want my users visit your web site, you will have to develop for my platform.I know we eventually have to update. Sure. But not every three months.If you complain about PS3 games at 70$ each, try to buy a laboratory information system license ;-)

You can't blame Microsoft for skipping Office 13. They did it for the same reason why many hotels don't have a 13th floor. Superstition. Yes, even in "civilized" countries. I doubt we'll see Chrome 13 or Firefox 13.

HiI'm the manager of the IT department of a BIG hospital in Spain. We are a high-tech hospital with full EMR and 90% of our circuits are paper free. And we are still using IE6, although we had been developing for IE8 and FF3.6. We are thinking to migrate from XP to 7 or linux, but to do so we have to test and adapt our apps with long term versions. It seems that firefox is not stable anymore, that leaves us with IE (and windows).

I do care about our apps, these are the ones getting work done, and if we have to stop developing new features, test, adapt/redevelop and pay other companies to upgrade (if possible) the custom made software we bought them... that will cost us ~30.000$. To get what? Fancy internet web pages? I do not care less about them. So... you want my users visit your web site, you will have to develop for my platform.I know we eventually have to update. Sure. But not every three months.If you complaint about PS3 games at 70$ each, try to buy a laboratory information system license ;-)

IE6 is nearly ten years old. There's got to be some middle ground between upgrading every few weeks and upgrading every decade. Companies still stuck on IE6 in 2011 because they have a huge, complex webapp to migrate should seriously consider whether migrating to another browser is even the right answer. .NET or win32 would be a more stable platform, plus both understand ActiveX.

HiI'm the manager of the IT department of a BIG hospital in Spain. We are a high-tech hospital with full EMR and 90% of our circuits are paper free. And we are still using IE6, although we had been developing for IE8 and FF3.6. We are thinking to migrate from XP to 7 or linux, but to do so we have to test and adapt our apps with long term versions. It seems that firefox is not stable anymore, that leaves us with IE (and windows).

I do care about our apps, these are the ones getting work done, and if we have to stop developing new features, test, adapt/redevelop and pay other companies to upgrade (if possible) the custom made software we bought them... that will cost us ~30.000$. To get what? Fancy internet web pages? I do not care less about them. So... you want my users visit your web site, you will have to develop for my platform.I know we eventually have to update. Sure. But not every three months.If you complaint about PS3 games at 70$ each, try to buy a laboratory information system license ;-)

*Sigh*

Let me spell this out for all you: stop coding to a certain browser, such as IE6, and instead code for an HTML standard. Yes, you MAY have to make small tweaks and fixes every so often for different browsers, but suggesting that you're going to have to completely redevelop your web applications every three months is ridiculous. That's not the way things work.

I'm the manager of the IT department of a BIG hospital in Spain. We are a high-tech hospital with full EMR and 90% of our circuits are paper free. And we are still using IE6, although we had been developing for IE8 and FF3.6. We are thinking to migrate from XP to 7 or linux, but to do so we have to test and adapt our apps with long term versions. It seems that firefox is not stable anymore, that leaves us with IE (and windows).

I'm the manager of the IT department of a BIG hospital in Spain. We are a high-tech hospital with full EMR and 90% of our circuits are paper free. And we are still using IE6, although we had been developing for IE8 and FF3.6. We are thinking to migrate from XP to 7 or linux, but to do so we have to test and adapt our apps with long term versions. It seems that firefox is not stable anymore, that leaves us with IE (and windows).

HiI'm the manager of the IT department of a BIG hospital in Spain. We are a high-tech hospital with full EMR and 90% of our circuits are paper free. And we are still using IE6, although we had been developing for IE8 and FF3.6. We are thinking to migrate from XP to 7 or linux, but to do so we have to test and adapt our apps with long term versions. It seems that firefox is not stable anymore, that leaves us with IE (and windows).

I do care about our apps, these are the ones getting work done, and if we have to stop developing new features, test, adapt/redevelop and pay other companies to upgrade (if possible) the custom made software we bought them... that will cost us ~30.000$. To get what? Fancy internet web pages? I do not care less about them. So... you want my users visit your web site, you will have to develop for my platform.I know we eventually have to update. Sure. But not every three months.If you complaint about PS3 games at 70$ each, try to buy a laboratory information system license ;-)

*Sigh*

Let me spell this out for all you: stop coding to a certain browser, such as IE6, and instead code for an HTML standard. Yes, you MAY have to make small tweaks and fixes every so often for different browsers, but suggesting that you're going to have to completely redevelop your web applications every three months is ridiculous. That's not the way things work.

*bigger sigh*

Sometimes you do not have the option of using a more recent browser unless you're willing to pay through the nose. I must say, € 30.000 for a big hospital should not be a dealbreaker. If that's all...

Like I said before, if you NEED IE6 for a given app you should consider virtualizing the damn thing. I've run IE6 on Windows 7 64-bit as a demo. It works. Depending on which virtualization platform you choose, you can virtualize other apps, switch to thin clients instead of desktops, use other OS's, ... You can even make this work automatically on a website per website basis. Site X -> IE6 and TheInterwebz -> IE9

If you want a stable development platform, don't use web browsers.That's not what they're for. If you want a stable platform for developing applications for internal use, or even for communicating between businesses, do not use a web browser for this task.

Wrong.

long_time_lurker wrote:

The point that is obvious to "enterprise" techies and is being totally missed by "web" geeks is this: within the enterprise, the browser is the client piece of several hundred (thousand?) client-server apps, all of which are needed for someone somewhere to do their job.

Right.

The browser is the universal client, independent of endianness, architecture, client OS, Layer 2 framing, font-set, server OS, and everything else. It has been obvious for fifteen years that any app that can be accessed through a browser should be accessed through a browser. There is no more-adaptable client-server protocol than (D)HTML over HTTP.

No, they aren't. The JS engine in Firefox is constantly being changed and tweaked, and IE9 has different JIT compilers depending on whether you use 32 or 64 bit browers. This shit is NOT corporate friendly.

So?

If you want a stable development platform, don't use web browsers.That's not what they're for. If you want a stable platform for developing applications for internal use, or even for communicating between businesses, do not use a web browser for this task.

Dude, chill - that was my point! I agree with you!

I was replying to a tard that was claiming Firefox was stable, and I was pointing out how it wasn't!

Chrome's high install rate is entirely due to it being shoved down your throat as an add-on to many, many other software installs. I see chrome installed on many customers machines who have no idea what it is, or how it got there.

I see this a lot, too. Most recently with Skype installs.

My ex asked me to fix her computer because she thought she'd been infected with malware. Turns out she'd installed Skype keeping all the default options (installing Chrome along with it). Every time something opened a browser window, it came up in Chrome, which she hated and thought was malware.

Enterprise admins are way too anal about testing. Do like facebook, give 5% of the users access then wait for the fallout. That way the impact on productivity is limited and IT isn't tied up doing monotonous testing.

You don't work in a team that has to do the testing do you? Try sitting in an environment of 75,000+ devices with 10,000+ apps that you have to manage and everyone is screaming give me the "new" but don't break the "old". Sit there for 5 minutes and then lets see if you can honestly say they are too anal.

I use Firefox both at home and at work, with Xmarks to keep my bookmarks synced between the two. This is the killer feature for me - I can keep my bookmarks synced over all the computers I use, Mac, PC and enterprise PC alike. If I can't use Firefox everywhere there is no point to using it at all.

Silly question, but since you use Firefox everywhere (or try to), why not use the built in Sync?

It has been obvious for fifteen years that any app that can be accessed through a browser should be accessed through a browser. There is no more-adaptable client-server protocol than (D)HTML over HTTP.

Stop pretending that web browsers were made to be stable development platforms. Newsflash: they aren't; they're made to display HTML. Even JavaScript is something shoehorned into them. Stop using them to make your little webapplets and stuff you're too lazy to write with a real programming language on a platform that is actually stable. If you use a hammer as a screwdriver, don't be surprised if it doesn't always work for you.

This is an excellent parody of an asinine line of thinking that goes back to the days when chip-on-their shoulder Real Programmers (read: people with set-in-stone skill sets who cannot deal with the fact that the world is changing around them) would talk about how horribly unstable FORTRAN was, and that if you wanted stability you would stick with assembly language.

It must be a parody, since no one would seriously try to roll back the last decade of rapid software development and seriously suggest that everyone should program your [new technology token] with [old technology token].

You missed my point entirely. My point was that, if you want a stable development platform, then write that platform. Don't just subvert web browsers because you can kinda sorta finagle them into working. Build a platform that acts as a stable platform for developing quickie applications.

No; they just wanted to leech on the success and widespreadness of browsers. They keep trying to infest browsers with their app development stuff.

Flash is a more stable platform than browsers. Flash!

Xepherys wrote:

bwcbwc wrote:

But when new web standards are promulgated in the future, who's going to listen to Mozilla? Not me, I won't be supporting their browser, so I won't care what new, wonderful standards they're releasing.

Perhaps you aren't aware of what a standard is. HTML4 or HTML5 is a standard. If FF or IE deviate from that, it is no longer a standard. There's no reason that any browser is not going to properly parse a "standard" page.

That's a great fantasy land you live in. Sadly, we live in the real world, where deviation (intentional or otherwise) is a fact of life. HTML5 doesn't even exist yet. And even when it does, there will be browsers that don't support all of it. And even if they did, they wouldn't support them the same way (see the video tag issue).

Another reason why browsers shouldn't be used as a stable development platform.

Quote:

Last I checked they figured it would be 3 months before they supported FF4 completely.

Firefox 4 was in beta for 6 months (at least). If they couldn't get off their asses in 6 months to make it work, screw them.

Quote:

I use Firefox both at home and at work, with Xmarks to keep my bookmarks synced between the two. This is the killer feature for me - I can keep my bookmarks synced over all the computers I use, Mac, PC and enterprise PC alike. If I can't use Firefox everywhere there is no point to using it at all.

Stop pretending that web browsers were made to be stable development platforms. Newsflash: they aren't; they're made to display HTML. Even JavaScript is something shoehorned into them. Stop using them to make your little webapplets and stuff you're too lazy to write with a real programming language on a platform that is actually stable. If you use a hammer as a screwdriver, don't be surprised if it doesn't always work for you.

This is an excellent parody of an asinine line of thinking that goes back to the days when chip-on-their shoulder Real Programmers (read: people with set-in-stone skill sets who cannot deal with the fact that the world is changing around them) would talk about how horribly unstable FORTRAN was, and that if you wanted stability you would stick with assembly language.

It must be a parody, since no one would seriously try to roll back the last decade of rapid software development and seriously suggest that everyone should program your [new technology token] with [old technology token].

Nobody is saying to "roll back the last decade... and use [old technology token]." Just implement [new tech token] with [new tech programming/language]. You don't have to write enterprise apps in FORTRAN - you have Visual Basic, C#, .NET, etc. Then it will always run just the way you wrote it because its foundation will be the OS - which won't change every three months. See Windows XP.

Let me spell this out for all you: stop coding to a certain browser, such as IE6, and instead code for an HTML standard. Yes, you MAY have to make small tweaks and fixes every so often for different browsers, but suggesting that you're going to have to completely redevelop your web applications every three months is ridiculous. That's not the way things work.

Another good example of this in the enterprise is Cisco. In PIX code in the 6 train, they introduced major changes to the commands between 6.0 and 6.3. Recently, with ASA firmware 8.3, configs from 8.2 have to be upgraded through a modification process that is not always accurate and can result in non-working configs. Also the commands that worked on 8.2 for NAT do not work on 8.3. Why they did not go to 9.0, I have no idea, but it causes a huge pain in my ass.

Note they do not do this with IOS, because the big providers would take them out behind the woodshed and beat them within an inch of their life. Now that Juniper is doing that, maybe they will start, who knows?

Standardized version numbers went out back with Windows 95, which was the first large-scale enterprise product I can think of that got away from Major.Minor.Revision, which puts us at what, 17 years of not having that? 30 years my ass.

Just implement [new tech token] with [new tech programming/language]. You don't have to write enterprise apps in FORTRAN - you have Visual Basic, C#, .NET, etc. Then it will always run just the way you wrote it because its foundation will be the OS - which won't change every three months. See Windows XP.

I can't tell if this is a facetious comment or not. Windows XP has been obsolete for years, and despite having one release name has changed a lot over the years. Then there's the fact that most ISVs couldn't/can't seem to cope with the UAC in the move past XP and you see how ridiculous the argument sounds. Everything else you cite works on only one or two platforms, and certainly isn't immune from ABI changes. You guys don't get out much, do you?

Well, at least it's not Google that's telling people that they "invented" stuff, it's (some of) their *users*...

However, Google Chrome in particular is rather Apple-esque. I'd say that Chrome:Firefox::iOS:Android.

Chrome (and iOS) is pretty much about giving a good set of (easily used) defaults ("it just works"), and also sometimes sacrifices options in order to make things simpler. I'm not really sure how official this policy is, but it's quite obvious, and it's been stated by Chrome devs that "in general we try to avoid options and "just do the right thing"".

There is of course nothing inherently "bad" about this, and in many cases it's quite the opposite. There are a lot of people that don't *want* unnecessarily many options, some because they're not comfortable with making changes (such as my parents), and some that are quite *capable* of making changes, but don't *want to*, and would prefer a good set of defaults right out of the box.

However, since there's no set of defaults that's "ideal" for everyone, that means that a lack of options/customization ability limits the people who are willing and able to much around with such things. Of course, the selected defaults (and whatever customization exists) can still make the platform the "best" option for (some) "technologically savvy" users, but often more options would make it possible to improve the situation *if you're willing to put in the effort*.

Again, this design choice isn't inherently bad, and it can in fact be great for people who want things to "just work" (and I'm seriously considering migrating my parents over to Chrome for this very reason). However, it strikes me as a bit funny that quite a few Chrome users seem to think that using Chrome marks them as being "technologically savvy", when in fact they're using a product that's essentially targeting my computer-illiterate mother.

Added disclaimer: Chrome has many benefits, and can certainly be "good" for even the most technologically knowledgeable, but they're not the *target*.

Enterprise admins are way too anal about testing. Do like facebook, give 5% of the users access then wait for the fallout. That way the impact on productivity is limited and IT isn't tied up doing monotonous testing.

You don't work in a team that has to do the testing do you? Try sitting in an environment of 75,000+ devices with 10,000+ apps that you have to manage and everyone is screaming give me the "new" but don't break the "old". Sit there for 5 minutes and then lets see if you can honestly say they are too anal.

I do development and testing. I've contracted work for large companies and small governments and never had a major issue with my testing methods. Usually the test user base is screened so we know that we're not getting people that a clueless. Crowd-sourcing is essential when you don't have the resources to do the job any other way.

My biggest issue as a technician is that A) most people hate doing updates all the time. If you are pestering people to update to the new version right after they updated to the old version, they are going to get fed up real quick. B) It can be very confusing to a lot of our customers when we try to explain to them how different browsers have different compatibilities. I had a web devo. customer who was still using IE v6 a while back and couldn't figure out why the website I built for her looked weird on her PC.

What on earth are you talking about? How could the BBC get away with not broadcasting SD?

He's probably talking about the US market. All broadcasters here moved to DTV(ATSC) several years ago. They do not send out multiple signals either, analog(NTSC) was shut down as part of the move. Broadcasters send out a signal on a given frequency, digitally, often with subchannels, and it is then scaled by the tv to its native resolution from whatever resolution they choose to broadcast at. No second signals needed.

HiI'm the manager of the IT department of a BIG hospital in Spain. We are a high-tech hospital with full EMR and 90% of our circuits are paper free. And we are still using IE6,

I cant believe people dont see the real problem. You have been developing for ancient and known to be standard-incompatible browsers (IE6, IE7). Thats why you have to rewrite your application. Sticking to IE made the situation only worse as new versions of it continued to be standard-incompatible, but in different ways. You have a period of stability, minus the security holes and bugs, but when you upgrade, everything needs to be rewritten.

Write for standards and the apps will work in any standard-compliant browser, any time.

As for those who require stable platforms for critical systems, like the department of defense or the army. "As a soldier, I absolutely can't allow any device on my network that hasn't been thoroughly tested. People's lives depend on security and 6 weeks isn't enough time for my shop to verify that FF is safe to use on government PCs."

You don't have the capability to test any browser's security. If that was possible no browser would have security issues.How many government PCs have been until recently (or still are) on the "throughly tested" WinXp+IE6/7? How many security issues did this combination have compared to the "less tested" alternatives (linux+ff or even win+ff)? You say you value security but put Win+IE on the critical systems? Are you nuts?

seems, to me there is alot of round and round about "Enterprise IT" vs Non-Enterprise IT. fact is, many who have not been in an enterprise shop do not understand the hows,whys etc for enterprise IT.

another fact, all of us would LOVE to dump IE6. but, when you have an app the requires an activeX control on IE6 to work. it hangs you up. in many cases the venders want huge money to "upgrade" to anew version of the product so they can give you a new control.

Enterprise IT, is not like running a small shop, you have rules, compliance's, and laws you must abide to. and dozens of crappy apps, to support in many cases.....

another fact, all of us would LOVE to dump IE6. but, when you have an app the requires an activeX control on IE6 to work. it hangs you up. in many cases the venders want huge money to "upgrade" to anew version of the product so they can give you a new control.

Business is business. Either you (the Enterprise collectively, not you personally) can pay the money for the expensive upgraded enterprise apps, or you can pay the costs (in time and security breaches) of staying on WinXP/IE6 forever. Run the numbers and make a rational decision... or squeeze on costs now, lie to the regulators about security, and sell your stock and retire before the rot is apparent from outside.

From where I sit, it looks like Mozilla accelerating their dev cycle by not supporting old versions for years is a good thing. The web as a whole can advance faster, and the costs of Enterprise computing are internalized into the enterprises that are so Enterprisey that their enterprise is incomprehensible to small-shop Muggles.

There used to be a sort of ad-hoc standard for version number increases.

0.0.1 increments were for bug fixes and security patches. The type of thing that fixed problems but didn't add new features. These version bumps could be rapidly deployed without worry.

0.1 increases were for feature improvements that did not break API or file format compatibility. These version increases needed a bit of examination, but were generally safe for deployment.

Full version increases were for changes that broke API compatibility, changed file formats, or otherwise made alterations that may affect functionality or interoperability of software. They needed thorough examination before deployment.

There used to be a sort of ad-hoc standard for version number increases.

<snip>

This system worked well. Why change it?

I'm more curious as to how difficult it makes maintaining extensions.

I'm not a programmer, so I don't know the answer to this, but I did try to mess around with modifying a couple of extensions (themes) for a bit, and failed miserably.

Extensions have a compatability line in them. You could be compatable with 3.6.* or 3.* or whatever. If every point is now a full integer, how does the extension author/maintainer know when something significant is going to break their extension?

I mean, for example, I had an extension that provided a preview of a page when you moused over the tab. It worked for 3.6.x and the author could be pretty sure that nothing was going to break it. Now, how does the author know what changes are going to be implemented (or left out) of each version upgrade? Fuck all changed between FF4 and FF5, so the author would have been safe there, but what about going from 5 to 6? Or 7?

Has this versioning change meant extension authors now have to check every new version just in case? What is going to signify a major change now?

I'm a Seamonkey user. Seamonkey uses a lot of the same internals as Firefox, but it has decided to stick with point upgrades instead of the new Mozilla versioning. SM2.1 is equivalent to FF4, SM2.2 to FF5, etc. I'm noticing that some of my extensions are compatable with 2.1 only, while others are compatable with 2.1 to 2.4. Is this about resources available to maintain extensions, or lazy extension developers? Somewhere in between?

I can't help but feel Mozilla is making life difficult for third party developers that are trying to work with Mozilla.